Bump the dependencies group with 4 updates

[dependabot]

Bumps the dependencies group with 4 updates: ch.qos.logback:logback-classic, ch.qos.logback:logback-core, com.google.guava:guava and edu.stanford.nlp:stanford-corenlp.

Updates ch.qos.logback:logback-classic from 1.5.17 to 1.5.18

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.18

2025-03-18 Release of logback version 1.5.18

• Added support for XZ compression for archived log files. Note that XZ compression requires Tukaani project's XZ library for Java. In case XZ compression is requested but the XZ library is missing, then logback will substitute GZ compression as a fallback. This feature was requested in issues/755.

• Removed references to java.security.AccessController class. This class has been deprecated for some time and is slated for removal in future JDK versions.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag v_1.5.18. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

• b2a02f0 prepare release 1.5.18
• 991de58 remove references to AccessController marked for deletion in the JDK
• f54ab16 If compression mode is XZ but the XZ library is missing, then fallback to GZ ...
• fb45971 add support for XZ compression
• 31c1f55 add xz compression support with tests
• 8968d0f introduce strategy based compression
• 834059c start work on 1.5.18-SNAPSHOT
• See full diff in compare view

Updates ch.qos.logback:logback-core from 1.5.17 to 1.5.18

Release notes

Sourced from ch.qos.logback:logback-core's releases.

Logback 1.5.18

2025-03-18 Release of logback version 1.5.18

• Added support for XZ compression for archived log files. Note that XZ compression requires Tukaani project's XZ library for Java. In case XZ compression is requested but the XZ library is missing, then logback will substitute GZ compression as a fallback. This feature was requested in issues/755.

• Removed references to java.security.AccessController class. This class has been deprecated for some time and is slated for removal in future JDK versions.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag v_1.5.18. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

• b2a02f0 prepare release 1.5.18
• 991de58 remove references to AccessController marked for deletion in the JDK
• f54ab16 If compression mode is XZ but the XZ library is missing, then fallback to GZ ...
• fb45971 add support for XZ compression
• 31c1f55 add xz compression support with tests
• 8968d0f introduce strategy based compression
• 834059c start work on 1.5.18-SNAPSHOT
• See full diff in compare view

Updates ch.qos.logback:logback-core from 1.5.17 to 1.5.18

Release notes

Sourced from ch.qos.logback:logback-core's releases.

Logback 1.5.18

2025-03-18 Release of logback version 1.5.18

• Added support for XZ compression for archived log files. Note that XZ compression requires Tukaani project's XZ library for Java. In case XZ compression is requested but the XZ library is missing, then logback will substitute GZ compression as a fallback. This feature was requested in issues/755.

• Removed references to java.security.AccessController class. This class has been deprecated for some time and is slated for removal in future JDK versions.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit b2a02f065379a9b1ba5ff837fc08913b744774bc associated with the tag v_1.5.18. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

• b2a02f0 prepare release 1.5.18
• 991de58 remove references to AccessController marked for deletion in the JDK
• f54ab16 If compression mode is XZ but the XZ library is missing, then fallback to GZ ...
• fb45971 add support for XZ compression
• 31c1f55 add xz compression support with tests
• 8968d0f introduce strategy based compression
• 834059c start work on 1.5.18-SNAPSHOT
• See full diff in compare view

Updates com.google.guava:guava from 33.4.0-jre to 33.4.5-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.4.5

Even if you're not upgrading from Guava 33.4.0 or earlier, still read the release notes for Guava 33.4.1. Those release notes contain information about Guava 33.4.5's effect on the module system.

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.4.5-jre</version>
  <!-- or, for Android: -->
  <version>33.4.5-android</version>
</dependency>

Jar files

• 33.4.5-jre.jar
• 33.4.5-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.3.jar

Javadoc

• 33.4.5-jre
• 33.4.5-android

JDiff

• 33.4.5-jre vs. 33.4.4-jre
• 33.4.5-android vs. 33.4.4-android
• 33.4.5-android vs. 33.4.5-jre

Changelog

• Changed the Guava jar (plus guava-testlib and failureaccess jars) to be a modular jar. (7a71ea0bfa, 287c701a86)
• Changed various classes to stop using sun.misc.Unsafe under Java 9+. (ee63055ddd, 80aab00dc5b7a36785f5e09b6a54397388980cde, 400af25292096746ed3f6164f0ff88209acbb19f, 71d0692d418a5dd001c9b3786275a5f1f94e1971, d1a3cd5037528a2ae990bfceed9cdd009fbc54de, b3bb29a54b8f13d6f6630b6cb929867adbf6b9a0, 1a300f6b2f7ba03ae9bc3620a80c4d4589c65b69)
  • Note that, if you use guava-android on the JVM (instead of using guava-jre), Guava will still try to use sun.misc.Unsafe. We will do further work on this in the future.
• Belatedly updated the Public Suffix List data. (ee3b9c64382037f72b3a8341915cc64b87850b53, d25d62fc843ece1c3866859bc8639b815093eac8)

Special thanks to @​sgammon for his modularization efforts.

33.4.4

This is one of a series of releases that improve Guava's nullness annotations. For more information, including troubleshooting help, see the release notes for Guava 33.4.1. Most users can update directly to Guava 33.4.5.

Maven

</tr></table> 

... (truncated)

Commits

• See full diff in compare view

Updates edu.stanford.nlp:stanford-corenlp from 4.5.8 to 4.5.9

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.